<?php 

	include_once("conn.php");	
 	    
	 
//http://192.168.1.100/s/login.php?username=sm2&password=123

 

	$username= G("username"); /// _POST
	$password= G("password"); //_POST

	if(strlen($password)<1 || strlen($username)<1 )
	{ 
		$ret->code=-1; 
		$ret->desc="no param";
 
		die( json_encode($ret) );  
	}


 	$strsql="select * from tb_user where userName='$username'"; 

	// 执行sql查询
	$result=mysql_query($strsql, $conn);
	  
	 
	$rows=mysql_fetch_assoc($result);
	if(!$rows)
	{
              
		//echo "不存在此用户";
          
		$ret->code=-1; 
		$ret->desc="no user!";
		//echo $username;
		die( json_encode($ret) );  
	}
	//	else if($rows[0]!=md5($password.$rows[1]))
	else if($rows["password"]!=$password )
	{
                 
		 //echo "密码错误";
                 
		$ret->code=0; 
		$ret->desc="wrong pwd!";
	  
		die( json_encode($ret) );  
	}else{
		//echo "登陆成功 $rows[1]";
		$rows["password"]="pwd";

		$name=$username;
		$time=time();
		$key='kie2130942323';	//用户名+时间+key md5生成令牌号。
		$md5=md5($name.urlencode($name).$time.$key);
		 
		 //返回token给用户 他可以用令牌来访问了。
		//echo "   $md5";

		//user更新token 登陆记录
		$s2="update tb_user set token='$md5' , loginTime=now(), lastHeartBeatTime=now() where userName='$username' "; 
		 mysql_query($s2, $conn)  or die(" update err");
		 
		// echo "   $s2" , mysql_affected_rows() ;

		$ret->code=1;
		$ret->token=$md5; 
		$ret->desc="login ok";
		$ret->me=$rows;

		echo json_encode($ret  );
	}

     
	if($result) mysql_free_result($result);
	  
    	mysql_close();

?>